One in Six New AI Accounts Appear Fraudulent, Stripe Says

Patrick Collison, chief executive of Stripe, estimated in a recent podcast that roughly one in six new accounts created on some AI platforms is fraudulent. Fraudulent signups use free inference tokens to run models and consume compute before companies can stop them.

The attacks use automated scripts to create many accounts, claim free trial allocations or use compromised backend API credentials, run large volumes of model calls and then abandon the accounts or sell access to the credentials online. Stripe reports the pattern is widespread and that AI products begin incurring compute costs from the first user interaction.

Emily Sands, Stripe’s head of data and AI, warned that attackers operate at machine speed. “One of the things that’s really scary about that is that these attackers can burn inference costs, can rack up massive usage bills that they never intend to pay, and they can do that very, very quickly because they are consuming tokens at machine speed.” Stripe says abuse tied to AI free trials has more than doubled in the past six months.

A March 2026 report from Grantex found many open-source AI agent projects lack granular identity separation between agents, forcing operators to rotate entire system credentials when an account is compromised. Security researchers say the fraud often exploits weak credential controls rather than complex hacking techniques.

Cybersecurity firm SpyCloud recovered 18.1 million exposed API keys and machine credentials from criminal marketplaces in 2025, including millions tied to AI services. Some stolen credentials are resold through channels that distribute low-cost access to AI models.

Startups are shortening free trials, imposing stricter rate limits and requiring payment details earlier in the signup flow. Stripe reports it expanded its Radar fraud-detection system to evaluate AI registrations using device fingerprints, IP reputation and email-domain history, and that the tool blocked more than 3.3 million potentially risky signups across eight AI companies in the last month.

Stripe has backed a blockchain project called Tempo to enable continuous charging as compute is consumed, and other firms are building real-time application-to-application payment systems, including a project known as x402. Proponents of continuous charging say instant settlement could reduce unpaid usage by removing the delay between consumption and payment.

Industry observers note the attacks increase costs for AI startups because companies pay for compute used during free trials and must invest in stronger detection and payment systems to limit losses.